In part 1 of Domain 3, Security Architecture and Engineering, we covered secure design principles, security models, structured approaches to selecting controls, the capabilities of system components, and the mitigation of system vulnerabilities.